TCP/IP Networking Objectives –to learn how to integrate a SuSE system onto a...

download TCP/IP Networking Objectives –to learn how to integrate a SuSE system onto a TCP/IP network Contents –the TCP/IP protocol suite –IP addressing –basic TCP/IP

of 33

  • date post

    14-Dec-2015
  • Category

    Documents

  • view

    219
  • download

    5

Embed Size (px)

Transcript of TCP/IP Networking Objectives –to learn how to integrate a SuSE system onto a...

  • Slide 1

TCP/IP Networking Objectives to learn how to integrate a SuSE system onto a TCP/IP network Contents the TCP/IP protocol suite IP addressing basic TCP/IP applications TCP/IP configuration files Practicals working with TCP/IP utilities and files Summary Slide 2 Overview of TCP/IP US DoD funded experimental network supports inter-networks, inter-host communication most popular UNIX networking protocols Three basic protocols TCP - a reliable session protocol: telnet, ftp UDP - low overhead sessionless: NFS, NIS, DNS, routing IP - Network layer protocol, sessionless, base of TCP and UDP gatewaynetwork hosts Slide 3 All networked systems need a unique IP address address has four dot separated numbers (each 0 - 255) IP address mapped to hardware using ARP or RARP protocols Companies allocated a site address by NIC allocated class A B or C address ranges local administrator allocates individual host numbers Some address values reserved 0not used 255reserved for broadcasts Network address of 127 is reserved for loopback Network address of 10 is reserved for internal networks Network addesss of 172.16 is reserved for internal networks Network addesss of 192.168 is reserved for internal networks Internet Protocol Address Slide 4 7 bits 0 8 bits 24 bits 24 bit host addressnetwork 1 16 bit host address16 bit network 0 network addresses in range 0 - 126 network addresses in range 128.0 - 191.254 1 8 bit host 24 bit network 0 network addresses in range 192.0.0 - 223.254.254 1 14 bits16 bits 21 bits 8 bits Class A Addresses Class B Addresses Class C Addresses IP Address Format Slide 5 Defining IP Addresses Traditionally IP address defined in /etc/hosts one line per known host defining IP address hostname and aliases if last line is a + then NIS is being used hostnames are limited to 8 characters Larger sites use DNS (Domain Name Services) one or more hosts on the network maintain all IP addresses individual hosts request addresses as needed address cached locally to optimise DNS # more /etc/hosts 127.0.0.1localhost.localdomainlocalhost 192.168.0.12mash4077loghost mailhost 192.168.0.42rosies printserver 10.1.1.1seoul # more /etc/hosts 127.0.0.1localhost.localdomainlocalhost 192.168.0.12mash4077loghost mailhost 192.168.0.42rosies printserver 10.1.1.1seoul Slide 6 Analyze Network Interface Configuration Use ifconfig to view network interfaces use the -a option to list all configured interfaces # ifconfig -a eth0 Link encap:Ethernet HWaddr 00:50:04:50:61:98 inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:59078481 errors:0 dropped:0 overruns:84 frame:0 TX packets:53902612 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:22596609 errors:0 dropped:0 overruns:0 frame:0 TX packets:22596609 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 # ifconfig eth0 down # ifconfig eth0 up # ifconfig -a eth0 Link encap:Ethernet HWaddr 00:50:04:50:61:98 inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:59078481 errors:0 dropped:0 overruns:84 frame:0 TX packets:53902612 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:22596609 errors:0 dropped:0 overruns:0 frame:0 TX packets:22596609 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 # ifconfig eth0 down # ifconfig eth0 up Slide 7 Network Interface Configuration Use ifconfig to configure the network interface Permanent changes in /etc/sysconfig/network Files named like: ifcfg-eth-id- STATIC settings: DHCP settings: Alias interfaces Permanent changes in /etc/sysconfig/network-scripts/ifcfg-eth-id- Releasing/Renewing IP adresses ifdown eth0 / ifup eth0 # ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up STARTMODE=auto BOOTPROTO=static BROADCAST=192.168.0.255 NETWORK=192.168.0.0 NETMASK=255.255.255.0 IPADDR=192.168.0.1 STARTMODE=auto BOOTPROTO=static BROADCAST=192.168.0.255 NETWORK=192.168.0.0 NETMASK=255.255.255.0 IPADDR=192.168.0.1 DEVICE=eth0 BOOTPROTO=dhcp STARTMODE=auto # Ifconfig eth0:0 192.168.1.12 IPADDR_0='192.168.1.99' NETMASK_0='255.255.255.0' LABEL_0='0' IPADDR_0='192.168.1.99' NETMASK_0='255.255.255.0' LABEL_0='0' Slide 8 Routing information Use route to get/manipulate network routing Route table netstat r(n) or route Routes to all directly connected networks are created automatic To add a net-route: route add net 192.168.7.0 gw 192.168.1.254 To delete a net-route: route del net 192.168.7.0 gw 192.168.1.254 SuSE can hande RIP/OSPF + traffic shaping Metric value for priority if different value or round robin if same: route add net 192.168.3.0 netmask 255.255.255.0 gw 192.168.1.253 metric 10 route add net 192.168.3.0 netmask 255.255.255.0 gw 192.168.1.254 metric 10 Detete the route: route del net 192.168.3.0 netmask 255.255.255.0 # route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 80.84.37.0 * 255.255.255.240 U 0 0 0 eth3 172.16.0.0 * 255.255.255.0 U 0 0 0 eth2 192.168.1.0 * 255.255.255.0 U 0 0 0 eth0 192.168.0.0 * 255.255.255.0 U 0 0 0 eth1 127.0.0.0 * 255.0.0.0 U 0 0 0 lo default router.ing-stee 0.0.0.0 UG 0 0 0 eth3 # route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 80.84.37.0 * 255.255.255.240 U 0 0 0 eth3 172.16.0.0 * 255.255.255.0 U 0 0 0 eth2 192.168.1.0 * 255.255.255.0 U 0 0 0 eth0 192.168.0.0 * 255.255.255.0 U 0 0 0 eth1 127.0.0.0 * 255.0.0.0 U 0 0 0 lo default router.ing-stee 0.0.0.0 UG 0 0 0 eth3 Slide 9 Routing information configuration Use route to configure the defaultrouter Permanent changes in /etc/sysconfig/network File named routes: Using several routes Permanent changes in /etc/sysconfig/network/routes Another way is to use /etc/init.d/boot.local This way is the most common in other RPM distributions # route add default gw 192.168.1.1 eth0 default 192.168.1.1 - - # route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.1.254 eth0 route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.1.254 eth0 10.0.0.0 192.168.1.254 255.0.0.0 eth-id-00:03:47:b0:5e:85 Slide 10 Adding/Removing NICs Adding NIC 1.Before going further, find out current NIC-order a) By physical inspection, pinging and moving cables. b) Look in /etc/modprobe.conf or find NIC modules with lsmod, lsdev, hwinfo, lspci and ksymoops Kernel key symbol is exported like [3c59x] for 3c905 boards. c) Modify /etc/modprobe.conf to reflect your wished NIC order. 2.Look if new NIC needs to be added in kernel or kernel need patch. If that is the case, recompile kernel and do step 1 again! 3.Power off the host 4.Insert the new NIC 5.If you are lucky, hwinfo and hald will find the new NIC and add it for you, you will be asked configuration parameters. 6.If everything goes well you can now goto step 1 once again to check out your NIC order. If you are satisfied it is time to do NIC configuration permanent. Removing NIC, you basically do the same steps but you now remove support, hald will detect NIC removal and you can remember its configuration. Slide 11 Changing NIC parameters Use ethtool to view NIC settings Using mii-tool to force 100MBit/s Full Duplex Making changes permanent /etc/init.d/boot.local # ethtool eth0 Supported ports: [ TP MII ] Supported link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full Supports auto-negotiation: Yes Advertised link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full Advertised auto-negotiation: Yes Speed: 100Mb/s Duplex: Full Port: MII PHYAD: 1 Transceiver: internal Auto-negotiation: on Supports Wake-on: g Wake-on: d Current message level: 0x00000007 (7) Link detected: yes # ethtool eth0 Supported ports: [ TP MII ] Supported link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full Supports auto-negotiation: Yes Advertised link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full Advertised auto-negotiation: Yes Speed: 100Mb/s Duplex: Full Port: MII PHYAD: 1 Transceiver: internal Auto-negotiation: on Supports Wake-on: g Wake-on: d Current message level: 0x00000007 (7) Link detected: yes # ethtool -s eth0 speed 100 duplex full Slide 12 Nameservers for non nameserver hosts Nameservers are stored in /etc/resolv.conf General format: NameserverThe nameservers to query for names DomainMy domain, my host is added to this domain. SearchA space delimited list of max six key domains to add hostnames to in the query if domain is missing. Optionsrotate round robin Nameserver list timeout:ndefault is 30 seconds attempts:ndefault is 3 or 4 Searchorder for finding hosts are stored in /etc/host.conf Name Service Switch config file /etc/nsswitch.conf domain my-site.com search my-site.com nameserver ip 2 nameserver ip 1 nameserver ip 3 order hosts,bind Hosts: files lwres dns Slide 13 Looking at Network Statistics Use netstat to get network status information use -a to view all sockets use -i to view interfaces use -rn to view routing statistics MRTG Multi Router Traffic Grapher Is common to make graphs over network traffic Usally togeather with SNMP Simple Network Management Protocol Apache is common for presentation of plots # netstat -i Kernel Interface table Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eth0 1500 0 59098394 0 0 84 53924429 0 0 0 BRU lo 16436 0 22598046 0 0 0 22598046 0 0 0 LRU # netstat -i Kernel Interface table Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg eth0 1500 0 59098394 0 0 84 53924429 0 0 0 BRU lo 16436 0 22598046 0 0 0 22598046 0 0 0 LRU Slide 14 Activating SNMP Actviating at boot and starting SNMPD server Your server will now respond to SNMP messages Check that SNMP server responds Your server will now respond to SNMP messages The password public can be secured in /etc/snmpd.conf Apache webserver i